The Internet is a worldwide network of computers and computer networks arranged to allow the easy and robust exchange of information between users of computers. Hundreds of millions of people around the world have access to computers connected to the Internet via Internet Service Providers (ISPs). Content providers place multimedia information, i.e. text, graphics, sounds, and other forms of data, at specific locations on the Internet referred to as websites. The combination of all the websites and their corresponding webpages on the Internet is generally known as the World Wide Web (WWW) or simply the Web.
Websites may be created using HyperText Markup Language (HTML) to generate a standard set of tags that define how the webpages for the website are to be displayed. Users of the Internet may access content providers' websites using software known as an Internet browser, such as MICROSOFT INTERNET EXPLORER or NETSCAPE NAVIGATOR. After the browser has located the desired webpage, it requests and receives information from the webpage, typically in the form of an HTML document, and then displays the webpage content for the user. The user may then view other webpages at the same website or move to an entirely different website using the browser.
Browsers are able to locate specific websites because each website on the Internet has a unique Internet Protocol (IP) address. Each IP address is a 32 bit binary number, but is typically shown in dotted decimal notion (i.e.—192.145.68.112) to improve human readability. IP addresses, however, even in dotted decimal notation, are difficult for people to remember and use. A Uniform Resource Locator (URL) is much easier to remember and may be used to point to any computer, directory, or file on the Internet. A browser is able to access a website on the Internet through the use of a URL. The URL may include a Hypertext Transfer Protocol (HTTP) request combined with the website's internet address, also known as the website's domain name. An example of a URL with a HTTP request and domain name is: http://www.companyname.com. In this example, the “http” identifies the URL as a HTTP request and the “companyname.com” is the domain name.
Individuals, companies, and other entities that provide content on the web generally want to use their name or one of their trademarks as part of their domain name. Thus, domain names are generally company trademarks, personal names, or short phrases concatenated with a top level domain name (TLD) extension (e.g. .com, .net, .org, .biz, .us, .cc, .ws, .de, etc.). TLD extensions can be divided into two groups. The first group is known as generic Top-Level Domains (gTLD) and the second group is country code TLDs (ccTLD). Examples of gTLDs include .com, .net, .org, .biz, etc. Examples of current ccTLDs include .us for the United States, .uk and .gb for United Kingdom, .ca for Canada, .de for Germany, .jp for Japan, etc. Most gTLDs are organized through a central domain name Shared Registration System (SRS) based on their TLD.
The process for registering a domain name with .com, .net, .org and some other TLDs allows an Internet user to use an ICANN-accredited Registrar to register their domain name. For example, if an Internet user, John Doe, wishes to register the domain name “mycompany.com,” John Doe may initially determine whether the desired domain name is available by contacting a domain name Registrar. The Internet user may make this contact using the Registrar's webpage and typing the desired domain name into a field on the Registrar's webpage created for this purpose. Upon receiving the request from the Internet user, the Registrar may ascertain whether “mycompany.com” has already been registered by checking the SRS database associated with the TLD of the domain name. The results of the search may then be displayed on the webpage to thereby notify the Internet user of the availability of the domain name. If the domain name is available, the Internet user may proceed with the registration process. Otherwise, the Internet user may keep selecting alternative domain names until an available domain name is found. Domain names are typically registered for a period of one to ten years with first rights to continually re-register the domain name.
An individual or entities' domain name is increasingly the anchor around which their online presence is maintained. For example, a company's website (www.companyname.com) and email system (john.doe@companyname.com) utilize the company's domain name as an integral part of their architecture.
For Internet users and businesses alike, the Internet continues to be increasingly valuable. More people are using the Web for everyday tasks, from shopping, banking, and paying bills to consuming media and entertainment. E-commerce is growing, with businesses delivering more services and content across the Internet, communicating and collaborating online, and inventing new ways to connect with each other.
Websites allow individuals and businesses to share their information with a large number of Internet users. Many products and services are offered for sale on the Internet, thus elevating the Internet to an essential tool of commerce. Internet businesses, whether a large corporation or an individual, are rapidly creating websites to take advantage of the growing number of customers using the Internet and customers' increasing willingness to purchase goods and services over the Web. Websites created by Internet businesses may be reached by millions of Internet savvy customers, thereby allowing Internet businesses to offer their products and services to a very large pool of potential customers.
Some Internet business websites, typically those that receive or share sensitive information (i.e.—those associated with banks, credit card companies, online businesses, social organizations, etc.) may require Internet users to login to the website with a secure username and password before accessing the website's content.
The username/password system is a common form of secret authentication data used to control website access. The username/password is kept secret from those not allowed access. Those wishing to gain access are tested on whether or not they have a valid (recognized) username and whether they know the associated password. Internet users are granted or denied access to websites accordingly.
Many websites have different rules governing the creation of usernames and passwords. Some require passwords that include a complex combination of letters, numbers, and other characters. Others have no restrictions whatsoever.
With the proliferation of login-access websites, Internet users often must remember dozens (or more) different username/password combinations, one for each secure website they wish to access. This has resulted in what has come to be known as “password fatigue.”
Partly in response to this perceived problem, the concept of the “digital identity” has evolved. A digital identity is a set of characteristics by which a person or thing is recognizable or distinguished in the digital realm. Digital identity allows for the electronic recognition of an individual or thing without confusing it for someone or something else.
There are many applications for an Internet user's digital identity, including authenticating the user before permitting access to a website. One method for such authentication includes the use of a URL (i.e.—OPENID) that may or may not interact with a piece of client software (i.e.—MICROSOFT WINDOWS CARDSPACE).
URL-based digital identity systems (such as OPENID) utilize a framework based on the concept that any individual or entity can identify themselves on the Internet with a URL provided by a Digital Identity Provider (i.e.—johndoe.openid.com). The Digital Identity Provider maintains an Identity Server on which a Digital Identity Database (a database of provided digital identity URLs and the corresponding authentication passwords) is stored. Once obtained, the Internet user may utilize their digital identity URL to access various websites. For example, to login to an OPENID-enabled website, the user enters their digital identity URL in the username box. The user is then momentarily redirected to the user's Digital Identity Provider's website (or an authentication window appears) to login using whatever password they have set up with their Digital Identity Provider. Once authenticated, the Digital Identity Provider sends the participating website an encrypted message (a token) confirming the identity of the person logging in.
Client-software-based digital identity systems (such as MICROSOFT WINDOWS CARDSPACE) utilize a piece of client software that enables Internet users to securely provide their digital identity to online services. CARDSPACE, for example, is a framework developed by MICROSOFT that securely stores an individual or entities' digital identity and provides an interface for choosing the appropriate digital identity for a particular transaction, such as logging into a website. When a CARDSPACE user's browser opens a password-protected website, CARDSPACE pops up a security-hardened user interface with a set of “cards” for the user to choose from. Each card has some identity data associated with it. When the user chooses a card, a request in the form of a web service call goes to the Digital Identity Provider, and a signed and encrypted security token is returned containing the required information (i.e.—credit limit, employer's name and address, or perhaps a social security number). The user then decides whether to release this information to the requesting online service. If the user approves, the token is sent on to the website where the token is processed and the user is authenticated.
In February 2007, MICROSOFT announced that it will collaborate with other companies on interoperability between OPENID and CARDSPACE as digital identity technologies.
There are currently numerous Digital Identity Providers offering URL-based (OPENID) digital identity services, meaning they offer digital identity URLs and servers to authenticate them.
Applicants have noticed that these services, however, require that a Registrant's digital identity be hosted on the Digital Identity Provider's servers. This has resulted in digital identity URLs that necessarily incorporate the Digital Identity Provider's domain name (i.e.—johndoe.myopenid.com, johndoe.pip.verisignlabs.com, johndoe.videntity.com, or getopenid.com/johndoe). An Internet user who wishes to own a domain name and obtain a digital identity URL must therefore separately register their domain name and digital identity though different entities (a domain name Registrar and a Digital Identity Provider). This results in the domain name and the digital identity URL being hosted by different entities on different servers and the inability of the Internet user to easily utilize his domain name in his digital identity URL. This precludes the Internet user from having a streamlined set of e-commerce tools (i.e.—email address, website address, and digital identity URL) based on his domain name.
Irrespective of the digital identity platform utilized (WINDOWS CARDSPACE, OPENID, or other—perhaps undeveloped—technologies), there are numerous other ways (aside from website user authentication) in which an Internet user's digital identity may be utilized.
For example, an Internet user may wish to participate in an online social network or dating service, offer an item or service for online sale, or post a comment or opinion on a website. For each of these applications, the Internet user may be identified by their digital identity.
It would be useful to a Requester (including those deciding whether to interact online with the Internet user) if, before choosing to interact, the Requestor could obtain, review, and assess digital identity related reputation data, including, but not limited to, reputation of the digital identity itself or reputation of a person, entity, user, registrant, URL, domain name, email address, or website associated with the digital identity. The Requestor could then decide whether to interact with the Internet user based upon the digital identity related reputation data with the Subject.
Conversely, it would be useful to a Subject (i.e.—the individual or entity to whom a digital identity is registered) to have a favorable reputation rating made available to Internet users. The favorable rating would encourage Internet users to engage in online social, e-commerce, or other activities with the Subject.
Unfortunately, malevolent Internet users may be motivated to defraud digital identity related reputation systems. For example, an individual may fraudulently register a digital identity and take steps to cause a negative reputation rating for the digital identity or an individual, entity, domain name, email address, or website fraudulently associated with the digital identity. Malware also could be developed to simulate a valid digital identity for the purpose of tarnishing the digital identity's reputation.
Applicants have noticed that presently-existing Digital Identity Providers offer no digital identity validation process allowing digital identity users to prove that they are the true, correct, and legal originator of their digital identity.
Even a validated digital identity registrant, however, may abuse the Internet. Among such abuses are phishing, pharming, spamming, or posting illegal content on a website (i.e.—child pornography).
Phishing is the luring of sensitive information, such as passwords, credit card numbers, bank accounts, or other personal information, from an Internet user by masquerading as someone trustworthy with a legitimate need for such information. Pharming is a hacker's attack aiming to redirect a website's traffic to another (bogus) website. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. Spam or unsolicited email is flooding the Internet with many copies of the identical or nearly identical message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services.
Applicants are unaware of any system or method for tracking or publishing digital identity related reputation for such Internet use or abuse (either positive or negative).
In response to the concerns discussed above, there is a need for better systems and methods for registering digital identities, validating digital identity origin and ownership, and tracking and publishing digital identity related reputation data.